The kinds of information accessible through communication networks have become extremely diverse in recent years, which range from electronic commerce such as product trading or credit to on-line medical diagnoses or individual medical records, and to perusal of registered items or the issue of certificates from public offices. The application and utilization of such information is increasing for years.
Such personal information has something to do with individual's privacy, and it is often prohibited from being informed to others if there is the danger of leaking the information to public. To establish a more convenient information-based society associated with advances in electronic information communication networks, there has been a demand for a highly reliable user authentication system capable of making a clear distinction between individuals.
Such a mechanism for authenticating personal identity can also be used in a lock device to prohibit entrance of unauthorized persons into a laboratory, a business office, or a house, and for an improvement in security of electronic money.
The password has been most commonly used in authenticating user identity. The password is easy to use, but it is hard to eliminate thieves who steal the user's passwords. To prevent password thefts, the user takes care in protecting the security of password such as to use a long password, to select a password difficult to guess, or to change the password on occasion. Cryptography has also widely been used for security in communications, which encrypts communication contents to prevent others from recognizing the contents easily even when data leakage occurs.
Nevertheless, such security measures cannot be perfect, and the password may be stolen by others through wiretapping communication, cracking the encrypted code, or stealing a look at the password. Further, the more complicated the password is, the more difficult for the user to remember. It is also essential that any complicated password can be duplicated by any means as soon as the password is stored as digital data.
To prevent others from pretending the user and authenticate user identity securely, there has been considered another method of authenticating user identity based on information indicative of so-called biological individuality of the user such as a fingerprint or voiceprint. However, the biological individuality data has generally a large quantity of information, and this requires extremely dense traffic flows between an authentication access terminal and an certification authority in which the user's biological information is stored. Such dense traffic flows may cause a traffic jam in a communication channel and increase of communication time, and it is hard to apply this method to practical use except for special environments. In the method, other problems also remain with the data managing place and managing method.
In recent years, a lock control system has been widely used for security in a research center, a business office, a laboratory, a document memory room, and a house or apartment building. In the lock control system, persons permitted to enter a specific place are limited, and a lock is opened only when a card issued to authorized persons has passed in authentication.
It is also essential to authenticate personal identity accurately in the case where only the person concerned can receive services such as electronic commercial transaction as product trading or credit, on-line medical diagnoses, perusal of individual medical records or registered items from public offices, or issue of certificates. Such transactions are increasing to be conducted by accessing information through a communication network instead of face-to-face communication.
In conducting such transactions, it is necessary to judge whether the person concerned is the authentic user or not. The judgment must be accurately made without face-to-face talk. In these cases, a card can be used to authenticate personal identity, and this makes it possible to improve the reliability.
Since the level of security varies according to the type of transaction, the depth of personal authentication varies. For example, in case of a sale of cheap products, it may be required nothing but the approval of the authenticity of the card. On the other hand, in case of the issue of medical records, it may be desired to use the authenticity of the card together with biological information capable of authenticating personal identity securely such as a photograph of the face, a fingerprint, or a voiceprint.
A key card for use in lock control system or entrance control system is generally issued for each lock and the key card is to be carried or charged by the respective authorized persons. If many rooms are subject to entrance control, a highly qualified person must carry many key cards, and this makes the charge of keys complicated. On the other hand, plural qualified-persons may often share one key card with each other. In this case, unauthorized persons may easily steal and improperly use the password or the key card unless being strictly cared, and this will be more difficult to keep security.
A business card is also issued for each business transaction by the consent of all the parties, and thereby the transaction cards carried by one person tend to be enormous in number before he is aware.
The use of a card as a key is applied to other cases, for example, lockers for rent. In this case, the key is prepared for each locker and lent to the user. Since even a person other than the genuine user can open the locker by the lent key, the stored things may be stolen by others, thus the security is insufficient.
In case of safe-deposit boxes with higher security, a safe box is not unlocked by the key handed over to the user at the time of lending the safe box unless another key held by a superintendent are used together. The trouble with this system is that the superintendent must attend to unlock every safe box. In addition, a stolen or duplicated key can be used to unlock a corresponding safe box, and the security is still insufficient.
Some safe-deposit box systems provide each safe box with a dial or keyboard for entering a code to the lock. In this case, the user inputs a code at the time of locking the safe box to prohibit the safe box from being opened without inputting the same code. This makes it possible for the user to eliminate the need to carry a key. Since the user unlocks the safe box based on a code set at each use of the safe box be the user, the security is high despite its ease of use. It is nevertheless possible for others to steal a look at the code or to decipher the code by guess or trial for unlocking the safe box.
Further, there is another type of lock control system, in which entrance of persons into a laboratory, a document memory room, or a medicine memory room is limited to only the authorized persons for security. In this case, the lock is not opened unless any authorized person has passed in authenticating personal identity with a card issued to the person. However, if the card is carelessly charged or kept by a person selected in the company, unauthorized persons may possibly enter the place freely using the card.
Since the level of security varies depending on the lock to which a user accesses, a facility requiring low level security should avoid such excessively high security system as to require the user to carry out extremely complicated steps. For example, secure authentication even accompanied with complicated steps is necessary to open a memory shelf keeping deadly poisons, while easy authentication is enough for normal medicines as long as the amount of takeout is cared.
Even in case of safe-deposit boxes, the level of security varies according to the importance of stored things. For example, expensive property or valuables for which there are no substitutes differ in level of security from replaceable goods.
As for the type of card, a card with a CPU and a memory incorporated therein, such as an IC card, has been used as a credit card or electronic-cash card in recent years.
The IC card has features to conduct complicated computations required for a high level of authentication, and to easily rewrite or renew recorded contents. Such features are adequate to a card for record of details about sequential transactions one by one, or for use as electronic money.
Further, the memory capacity built in the IC card is increasing, and this makes it possible for users to carry the various personal information by carrying the card. Such personal information convenient to carry around includes an ID number of insurance deed, a user's number of credit card, a personnel card number or an individual history in the company, balance of electronic money account, details of a family register, a medical history, an address book, and so on. Such personal information has something to do with individual's privacy, and may often require its concealability.
Since such an authentication IC card authenticates personal identity based on the information recorded thereon, the security of the card is important.
It is therefore an object of the invention to provide a user authentication system that can obtain a quick response while retaining a high level of security in authenticating personal identity for electronic information exchange or electronic business transaction, and a user authentication card and a user authentication device for use in the user authentication system.
It is another object of the invention to provide an integrated authentication IC card that can combine various authentication cards issued for respective transactions for authenticating eligible persons so as to improve security in each transaction or lock system. Still another object of the invention is to provide an authentication IC card capable of assuring security of access to information stored in the IC card itself while seeking complete privacy protection.
It is yet another object of the invention to provide a lock control system offering a superior level of security, which can strictly judge an authorized person while setting the depth of authentication of the authorized person as required.